What might well be seen as a modern day manifestation of Sutherland’s (1947) differential association theory and Akers’ (1973) social learning theory was present in case 6, where the two principal offenders interacted with others in the dark web, actively seeking out learning opportunities. In a traditional sense, a community of practice, according to Wenger (1998), entails three components: (1) the domain; (2) the community; and (3) the practice. When applied to criminal learning in the dark web, the domain, or interest area, might be the development of bots capable of taking over another’s computer, the dark web community, anonymous by its nature but still with a traditional spread of expertise from experts to beginners as found in a range of dark web forums, and, finally, the practice—the criminal endeavour—of distributing bots in order to harvest identity data from unsuspecting online users. This dark web community of practice provides criminally minded individuals with the ability to learn in what Wenger (1998) described as a social environment, because essentially,
‘learning is, at its essence, a fundamentally social phenomenon’. Case 6 provided one example of offenders accessing dark web forums where they acquired necessary knowledge, skills and techniques that enabled them to steal identity details and use those to establish false identities which facilitated further financial crime.
Chapter 5: Insiders versus outsiders—alternative paths to criminogenic knowledgeResearch Report 10 | Australian Institute of Criminology
Discussion
The nature of a financial system is that of a business structure that facilitates the legitimate exchange of value from one entity or account to another. Value exchanges across financial systems have historically required individuals or groups of individuals with the knowledge and skills necessary to process, record and monitor such exchanges, which in turn dictates that those individuals have the obligatory knowledge, skills and techniques needed to facilitate such activities. The financial criminal, like the legitimate employee, must understand how a financial system operates, both under normal operating conditions and how it operates, or is likely to operate, under abnormal operating conditions, such as when incorrect or fraudulent requests are made of the system. This need for knowledge of how a financial system operates is fundamental to all financial crimes that contributed to this research, including, but not limited to, superannuation, credit card skimming and cloning, procurement and mortgage and insider trading frauds. While learning theories assert that criminal behaviour, as distinct from a working knowledge of a financial system, is acquired via communication in intimate groups (Sutherland 1947; Akers 1973; Benson & Simpson 2018), it was Cohen and Felson’s (1979) routine activity theory that acknowledged that much of the necessary systems knowledge is obtained via daily routine activities (McLaughlin & Muncie 2006). In part, at least, a fraudster’s daily routines provide them with knowledge of specific financial systems which, in turn, enables the commission of a crime (Cornish 1994; Felson 1998; Smith; 2014), and it is the case that much of this knowledge is, and can be, legitimately acquired via occupational roles and other daily routine activities.
Table 2: Insider learning data Insider cases
Case number Crime type
Traditional learning sources
Alternative learning sources
Formal tertiary qualifications On the job learning Exposure to criminal methodologies Exposure to investigative practices Criminal facilitators Dark web communities of practice
1 Accounting fraud X X
4 Debt refinancing X
9 Insider trading X X
12 Procurement fraud X X X
14 Tax evasion X X
15 Tax evasion X X
16 Tax evasion X X X
17 Theft as an employee X
18 Theft as an employee X
19 Theft as an employee X X
Drawing on all cases where the principal offender was classified as an insider, the data presented in Table 2 identifies a strong correlation between the internal offender and what might be termed legitimate traditional learning sources. Traditional learning sources, including on-the-job learning opportunities, formal tertiary qualifications and knowledge, skills and techniques acquired via routine daily activities, in these cases, provided the necessary knowledge base for these crimes to be committed within the constraints of the individual cases. In most of these cases (n=7), the learning centred on an organisation’s internal financial systems and was, in most instances, sufficient to allow the offender to commit their crimes.
However, in the remaining cases (n=3), further learning that was not available through legitimate traditional learning sources was sought. In cases 12 and 16, this included engaging with criminal facilitators, while in case 19, this involved studying the criminal methodologies identified as a result of workplace investigations.
A noticeable variation between insiders and outsiders in this study was represented in the data contained in Table 3. In the outsider cases, uniformity of learning sources was less evident, with a wider variety of what might be termed alternative learning sources being accessed.
Chapter 5: Insiders versus outsiders—alternative paths to criminogenic knowledgeResearch Report 10 | Australian Institute of Criminology
In this context, the alternative learning sources reveal how offenders in these nine cases supplemented the absence of insider knowledge. This was achieved in a variety of ways, including corrupting insiders within victim organisations, engaging criminal facilitators and learning within the dark web.
Table 3: Outsider learning data Outsider cases
Case number Crime type
Traditional learning sources
Alternative learning sources
Formal tertiary qualifications On-the-job learning Exposure to criminal methodologies Exposure to investigative practices Criminal facilitators Dark web communities of practice
2 Debit/credit card skimming X X
3 Debit/credit card skimming X
5 ID manufacturing X X
6 ID theft X
7 ID theft X
8 ID theft X
10 Mortgage fraud X
11 Mortgage fraud X X X
13 Superannuation fraud X X
In nearly all insider cases (n=7), all information needs were satisfied via occupational positions that provided all necessary information. In the absence of direct access to financial systems, however, outsiders were forced to overcome information deficiencies through a range of alternative learning sources. While this is certainly not an exhaustive list, the research identified four alternative learning sources which, within the constraints of this research, assisted criminals to transition from possessing a baseline level of financial systems knowledge to a point where they were able to utilise that knowledge in a way which enabled them to commit a financial crime. Crime facilitators and the dark web, in cases 2, 6, 10, 11 and 13, provided the basis upon which the initial crimes were planned by outsiders, while in cases 3, 5, 7 and 19, exposure to criminal methodologies and exposure to investigative practices provided for both outsiders’ and insiders’ methods to either vary or improve upon their crimes.